PERFORCE change 92917 for review

Todd Miller millert at FreeBSD.org
Tue Mar 7 08:39:59 PST 2006 

http://perforce.freebsd.org/chv.cgi?CH=92917

Change 92917 by millert at millert_ibook on 2006/03/07 16:39:26

	Convert mach_get_task_label() and mach_get_task_label_text()
	to take ipc_space_t not task_t and add sanity check for 
	space being IS_NULL.  Fixes a panic when the port passed
	in is not a task port.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/kern/security.c#6 edit
.. //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/mach/security.defs#7 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/kern/security.c#6 (text+ko) ====

@@ -32,13 +32,16 @@
 
 kern_return_t
 mach_get_task_label(
-	task_t		 t,
+	ipc_space_t	 space,
 	mach_port_name_t *outlabel)
 {
-	ipc_labelh_t	lh = t->label;
-	ipc_space_t	space = t->itk_space;
 	kern_return_t	kr;
+	ipc_labelh_t	lh;
+
+	if (space == IS_NULL || space->is_task == NULL)
+		return KERN_INVALID_TASK;
 
+	lh = space->is_task->label;
 	ip_lock(lh->lh_port);
 	lh->lh_port->ip_mscount++;
 	lh->lh_port->ip_srights++;
@@ -55,16 +58,21 @@
   
 	return (KERN_SUCCESS);
 }
+kern_return_t
 
-kern_return_t
 mach_get_task_label_text(
-	task_t		t,
+	ipc_space_t	space,
 	labelstr_t	policies,
 	labelstr_t	outl)
 {
-	tasklabel_lock(t);
-	mac_externalize_task_label(&t->maclabel, policies, outl, 512, 0);
-	tasklabel_unlock(t);
+
+	if (space == IS_NULL)
+		return KERN_INVALID_TASK;
+
+	tasklabel_lock(space->is_task);
+	mac_externalize_task_label(&space->is_task->maclabel, policies, outl,
+	    512, 0);
+	tasklabel_unlock(space->is_task);
   
 	return KERN_SUCCESS;
 }

==== //depot/projects/trustedbsd/sedarwin7/src/darwin/xnu/osfmk/mach/security.defs#7 (text+ko) ====

@@ -23,7 +23,7 @@
   @return Standard MiG return values (0 for success)
 */
 
-routine mach_get_task_label(task      : task_t;
+routine mach_get_task_label(task      : ipc_space_t;
 			    out label : mach_port_name_t);
 
 /**
@@ -38,7 +38,7 @@
   @return Standard MiG return values (0 for success)
 */
 
-routine mach_get_task_label_text(task      : task_t;
+routine mach_get_task_label_text(task      : ipc_space_t;
 				 policies  : labelstr_t;
 				 out label : labelstr_t);

More information about the trustedbsd-cvs mailing list